CN111801926B - Method and system for disclosing at least one cryptographic key - Google Patents

Method and system for disclosing at least one cryptographic key

Publication number
CN111801926B
Authority
CN
China
Prior art keywords
communication
publish
cryptographic key
unit
subscribe
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201980015440.5A
Other languages
English (en)
Chinese (zh)
Other versions
CN111801926A (zh)
Inventor
R·法尔克
S·弗里斯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG
Publication of CN111801926A
Application granted
Publication of CN111801926B
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)
CN201980015440.5A 2018-01-26 2019-01-16 Method and system for disclosing at least one cryptographic key Active CN111801926B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
EP18153594.9A EP3518489A1 (fr) 2018-01-26 Method and system for disclosing at least one cryptographic key
EP18153594.9 2018-01-26
EP18154078.2 2018-01-30
EP18154078.2A EP3518492B1 (fr) 2018-01-26 2018-01-30 Method and system for disclosing at least one cryptographic key
PCT/EP2019/051078 WO2019145207A1 (fr) 2018-01-26 2019-01-16 Method and system for publishing at least one cryptographic key

Publications (2)

Publication Number Publication Date
CN111801926A CN111801926A (zh) 2020-10-20
CN111801926B CN111801926B (zh) 2023-04-28

Family

ID=61054212

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201980015440.5A Active CN111801926B (zh) 2018-01-26 2019-01-16 Method and system for disclosing at least one cryptographic key

Country Status (4)

Country Link
US (1) US11177952B2 (fr)
EP (2) EP3518489A1 (fr)
CN (1) CN111801926B (fr)
WO (1) WO2019145207A1 (fr)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3609240A1 (fr) 2018-08-09 2020-02-12 Siemens Aktiengesellschaft Computer-implemented method and network access server for connecting a network component to a network, in particular a mobile radio network, using advanced network access indicators
JP7300845B2 (ja) * 2019-02-15 2023-06-30 三菱重工業株式会社 Control device, industrial control system, and encryption key lifetime extension method
JP2022549671A (ja) * 2019-09-25 2022-11-28 コモンウェルス サイエンティフィック アンド インダストリアル リサーチ オーガナイゼーション Encryption service for browser applications
US11496301B2 (en) * 2020-02-21 2022-11-08 International Business Machines Corporation Publish/subscribe messaging
EP3883214B1 (fr) * 2020-03-20 2023-09-06 Mitsubishi Electric R&D Centre Europe B.V. Method for implementing an industrial communication gateway
CN113452511B (zh) * 2020-03-24 2023-01-24 国科量子通信网络有限公司 Publish-subscribe system and method for an SDN-based quantum key distribution Internet of Things
CN113422680B (zh) * 2021-06-02 2022-12-23 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) Data encryption transmission system and data encryption transmission method
EP4203385A1 (fr) * 2021-12-21 2023-06-28 Siemens Aktiengesellschaft Method for distributing keys among industrial devices in an industrial installation

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004093405A1 (fr) * 2003-04-18 2004-10-28 Koninklijke Philips Electronics N.V. Secret identifier for subscription renewal
CN101483866A (zh) * 2009-02-11 2009-07-15 中兴通讯股份有限公司 Method, device and system for managing WAPI terminal certificates
CN102484583A (zh) * 2009-08-28 2012-05-30 阿尔卡特朗讯公司 Secure key management in multimedia communication systems
CN102687132A (zh) * 2009-12-15 2012-09-19 微软公司 Trusted extensible markup language for trusted computing and data services
CN102868676A (zh) * 2011-07-08 2013-01-09 Sap股份公司 Secure distribution of events in a publish/subscribe network
EP2555466A1 (fr) * 2011-08-05 2013-02-06 Selex Sistemi Integrati S.p.A. Cryptographic key distribution system
CN104158816A (zh) * 2014-08-25 2014-11-19 中国科学院声学研究所 Authentication method, device and server
CN105282143A (zh) * 2015-09-09 2016-01-27 民航局空管局技术中心 Message access control method, device and system

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7089211B1 (en) * 2000-01-12 2006-08-08 Cisco Technology, Inc. Directory enabled secure multicast group communications
US7210165B2 (en) * 2003-10-29 2007-04-24 Microsoft Corporation Pre-licensing of rights management protected content
US20050204139A1 (en) * 2004-03-10 2005-09-15 Helland Patrick J. Service broker security
CN102318257B (zh) * 2008-12-15 2016-02-24 瑞典爱立信有限公司 Key distribution scheme for information networks
DE102010011656B4 (de) * 2010-03-17 2012-12-20 Siemens Aktiengesellschaft Method and device for cryptographically securing a data transmission between network nodes
US8681992B2 (en) * 2012-02-13 2014-03-25 Alephcloud Systems, Inc. Monitoring and controlling access to electronic content
US9049011B1 (en) * 2012-08-15 2015-06-02 Washington State University Secure key storage and distribution
US8924718B2 (en) * 2012-10-29 2014-12-30 Tektronix, Inc. Deciphering internet protocol (IP) security in an IP multimedia subsystem (IMS) using a monitoring system
CN105379187B (zh) * 2013-05-02 2019-05-10 瑞典爱立信有限公司 Performance monitoring data processing
US10104049B2 (en) * 2014-09-12 2018-10-16 Vmware, Inc. Secure distributed publish/subscribe system
US9705769B1 (en) * 2014-12-17 2017-07-11 Juniper Networks, Inc. Service latency monitoring using two way active measurement protocol
WO2016162382A1 (fr) * 2015-04-07 2016-10-13 Tyco Fire & Security Gmbh Machine-to-machine and machine-to-cloud end-to-end authentication and security
KR102507113B1 (ko) * 2015-07-06 2023-03-07 삼성전자주식회사 Method, apparatus and system for monitoring an encrypted communication session
JP2017098666A (ja) * 2015-11-19 2017-06-01 富士通株式会社 Communication device and method for detecting anomalies in encrypted communication
EP3635986A1 (fr) * 2017-06-07 2020-04-15 Telefonaktiebolaget LM Ericsson (PUBL) Enhanced lawful interception

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Bernhard Dieber ; Severin Kacianka ; Stefan Rass ; Peter Schartner.Application-level security for ROS-based applications.《2016 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS)》.2016, *
Wei Peng ; Song Liu ; Kunlun Peng ; Jin Wang ; Jin Liang.A secure publish/subscribe protocol for Internet of Things using identity-based cryptography.《2016 5th International Conference on Computer Science and Network Technology (ICCSNT)》.2017, *

Also Published As

Publication number Publication date
EP3518492B1 (fr) 2021-06-30
CN111801926A (zh) 2020-10-20
EP3518489A1 (fr) 2019-07-31
WO2019145207A1 (fr) 2019-08-01
US20210050996A1 (en) 2021-02-18
EP3518492A1 (fr) 2019-07-31
US11177952B2 (en) 2021-11-16

Similar Documents

Publication Publication Date Title
CN111801926B (zh) Method and system for disclosing at least one cryptographic key
US11477037B2 (en) Providing forward secrecy in a terminating SSL/TLS connection proxy using ephemeral Diffie-Hellman key exchange
US10091240B2 (en) Providing forward secrecy in a terminating TLS connection proxy
US11271730B2 (en) Systems and methods for deployment, management and use of dynamic cipher key systems
US20050193199A1 (en) Accessing protected data on network storage from multiple devices
GB2392590A (en) Establishing a chain of secure communication links for delegation
US9444807B2 (en) Secure non-geospatially derived device presence information
US7266705B2 (en) Secure transmission of data within a distributed computer system
CN114503507A (zh) Secure publish-subscribe communication method and device
Jennings et al. Certificate Management Service for The Session Initiation Protocol (SIP)
US11838409B2 (en) Method and apparatus for transferring data in a publish-subscribe system
EP3398318B1 (fr) Methods and systems for enabling lawful interception mode for a targeted secure element
Lesjak et al. Hardware-secured and transparent multi-stakeholder data exchange for industrial IoT
US20080077938A1 (en) Method of implementing a state tracking mechanism in a communications session between a server and a client system
US20080133915A1 (en) Communication apparatus and communication method
Friesen et al. A comparative evaluation of security mechanisms in DDS, TLS and DTLS
KR101839048B1 (ko) End-to-end security platform for an Internet of Things environment
EP3216163B1 (fr) Forward secrecy in a terminating SSL/TLS connection proxy using ephemeral Diffie-Hellman key exchange
EP2892206B1 (fr) System and method for push environment security
CN107104888B (zh) A secure instant messaging method
CN114338091B (zh) Data transmission method, apparatus, electronic device and storage medium
Kumar et al. Realization of threats and countermeasure in Semantic Web services
JP2010081108A (ja) Communication relay device, information processing device, program, and communication system
Jain “Sec-KeyD” an efficient key distribution protocol for critical infrastructures
JP2011254146A (ja) Communication content audit method and communication content audit system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant